Functions | |
CheckJrn ($p_dossier, $p_user, $p_jrn, $p_detail=False) | |
Vérifie les accès d'un utilisateur sur un journal. | |
CheckAction ($p_dossier, $p_login, $p_action_id) | |
Check whether a user is allowed to perform an action. | |
CheckIsAdmin ($p_user) | |
Check whether a user is an administrator. | |
CheckDossier ($p_user, $p_dossier) | |
Check whether a user has access to a folder. |
Definition in file check_priv.php.
|
Check whether a user is allowed to perform an action.
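/**
 * Check whether a user is allowed to perform an action.
 *
 * Defined at line 146 of check_priv.php; uses CheckIsAdmin(), DbConnect()
 * and ExecSql().
 *
 * @param mixed $p_dossier   folder identifier handed to DbConnect()
 * @param mixed $p_login     login matched against user_sec_act.ua_login
 * @param mixed $p_action_id action id matched against user_sec_act.ua_act_id
 *
 * @return int 1 when the user is an administrator or exactly one matching
 *             row exists, 0 in every other case
 */
function CheckAction($p_dossier, $p_login, $p_action_id)
{
    if ( CheckIsAdmin($p_login) ) return 1;

    $cn=DbConnect($p_dossier);

    // Both values end up inside the SQL text, so they are escaped first.
    // The action id is placed in a quoted literal as well: an unquoted
    // value cannot be protected by escaping, and PostgreSQL coerces the
    // untyped literal to the column type.
    // NOTE(review): assumes $cn is the PostgreSQL connection handle that
    // ExecSql() runs the statement on - confirm against DbConnect().
    $login=pg_escape_string($cn, (string) $p_login);
    $action=pg_escape_string($cn, (string) $p_action_id);

    $Res=ExecSql($cn,"select * from user_sec_act where ua_login='$login' and ua_act_id='$action'");
    $Count=pg_NumRows($Res);

    if ( $Count == 0 ) return 0;
    if ( $Count == 1 ) return 1;

    // More than one row is an inconsistent state. The caller-supplied
    // values are HTML-escaped before being echoed so they cannot inject
    // markup into the error page.
    $shownLogin=htmlspecialchars((string) $p_login, ENT_QUOTES);
    $shownAction=htmlspecialchars((string) $p_action_id, ENT_QUOTES);
    echo "<H2 class=\"error\"> Invalid action !!! $Count select * from user_sec_act where ua_login='$shownLogin' and ua_act_id=$shownAction </H2>";

    // Deny explicitly instead of falling off the end of the function.
    return 0;
}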
|
|
Check whether a user has access to a folder.
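/**
 * Check whether a user has access to a folder.
 *
 * Defined at line 192 of check_priv.php; uses CheckIsAdmin(), CountSql()
 * and DbConnect().
 *
 * @param mixed $p_user    login matched against ac_users.use_login
 * @param mixed $p_dossier folder id matched against dos_id
 *
 * @return mixed 1 for an administrator, otherwise whatever CountSql()
 *               returns for the access query (presumably the number of
 *               matching rows - confirm against CountSql())
 */
function CheckDossier($p_user, $p_dossier)
{
    if ( CheckIsAdmin($p_user) ) return 1;

    $cn=DbConnect();

    // Escape both values before they are interpolated into the statement.
    // NOTE(review): assumes $cn is the PostgreSQL connection handle that
    // CountSql() runs the statement on - confirm against DbConnect().
    $user=pg_escape_string($cn, (string) $p_user);
    $dossier=pg_escape_string($cn, (string) $p_dossier);

    // Only active users whose privilege on the folder is not 'NO' count.
    $sql="select dos_id from ac_users
        natural join jnt_use_dos
        natural join ac_dossier
        join priv_user on ( priv_jnt=jnt_id)
        where use_active=1
        and use_login='$user'
        and dos_id='$dossier'
        and priv_priv != 'NO'";

    return CountSql($cn,$sql);
}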
|
|
Check whether a user is an administrator.
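/**
 * Check whether a user is an administrator.
 *
 * Defined at line 167 of check_priv.php; uses CountSql() and DbConnect().
 * Called by CheckAction(), CheckDossier() and CheckJrn().
 *
 * @param mixed $p_user login matched against ac_users.use_login
 *
 * @return mixed 1 for the built-in 'phpcompta' login, otherwise whatever
 *               CountSql() returns for the query on active administrators
 */
function CheckIsAdmin($p_user)
{
    // Strict comparison: with == a non-string value such as boolean true
    // compares equal to 'phpcompta' and would be treated as administrator.
    // NOTE(review): this login is granted administrator rights without any
    // database lookup; confirm the account name is reserved and cannot be
    // taken by an ordinary user.
    if ( $p_user === 'phpcompta' ) return 1;

    $cn=DbConnect();

    // Escape the login before it is interpolated into the statement.
    // NOTE(review): assumes $cn is the PostgreSQL connection handle that
    // CountSql() runs the statement on - confirm against DbConnect().
    $login=pg_escape_string($cn, (string) $p_user);

    $sql="select use_id from ac_users where use_login='$login'
        and use_active=1 and use_admin=1 ";

    $isAdmin=CountSql($cn,$sql);

    return $isAdmin;
}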
|
|
Vérifie les accès d'un utilisateur sur un journal. Paramètre :
$p_user : le login de l'utilisateur
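/**
 * Check the access rights of a user on a journal.
 *
 * Defined at line 46 of check_priv.php; uses CheckIsAdmin(), CountSql(),
 * DbConnect(), echo_debug() and ExecSql(). Called by ShowMenuJrnUser().
 *
 * @param mixed $p_dossier folder id, used for DbConnect() and matched
 *                         against dos_id
 * @param mixed $p_user    login of the user
 * @param mixed $p_jrn     journal id; 0 selects the special case described
 *                         in the body
 * @param bool  $p_detail  only read when $p_jrn is 0
 *
 * @return int 0 = no access, 1 = read, 2 = write
 */
function CheckJrn($p_dossier, $p_user, $p_jrn, $p_detail=false)
{
    if ( CheckIsAdmin($p_user) == 1 ) return 2;

    $cn=DbConnect($p_dossier);

    // Escape every value before it is interpolated into a statement.
    // NOTE(review): assumes the handles returned by DbConnect() are the
    // PostgreSQL connections that ExecSql()/CountSql() query - confirm.
    $user=pg_escape_string($cn, (string) $p_user);

    // Special case: p_jrn = 0 ==> access to the general ledger if the user
    // has no journal with uj_priv = X, or (detail) at least one journal
    // that is not X.
    if ( $p_jrn == 0 ) {
        if ( $p_detail == false ) {
            $n_for=CountSql($cn,"select jrn_def_id,uj_priv
                from jrn_def left join user_sec_jrn on uj_jrn_id=jrn_def_id
                where uj_login='$user' and uj_priv='X'");
            if ( $n_for == 0 )
                return 2;
            else
                return 0;
        } else {
            // For a detail, at least one journal must be accessible.
            $n_for=CountSql($cn, " select jrn_def_id,uj_priv
                from jrn_def left join user_sec_jrn on uj_jrn_id=jrn_def_id
                where uj_login='$user' and uj_priv !='X'");
            if ( $n_for == 0 )
                return 0;
            else
                return 2;
        }
    }

    // Right specific to this journal. The id goes into a quoted literal
    // because escaping cannot protect an unquoted value; PostgreSQL coerces
    // the untyped literal to the column type.
    $jrn=pg_escape_string($cn, (string) $p_jrn);
    $Res2=ExecSql($cn,"select jrn_def_id,uj_priv
        from jrn_def left join user_sec_jrn on uj_jrn_id=jrn_def_id
        where uj_login='$user' and jrn_def_id='$jrn'");

    $PrivJrn=pg_NumRows($Res2);

    // The default right is read through a second connection opened without
    // a folder argument; values are escaped again for that connection.
    $cn=DbConnect();
    $user=pg_escape_string($cn, (string) $p_user);
    $dossier=pg_escape_string($cn, (string) $p_dossier);
    $Res=ExecSql($cn," select *
        from ac_users left join jnt_use_dos using (use_id)
        left join priv_user on (priv_jnt=jnt_id)
        where use_login='$user' and
        dos_id='$dossier'");

    $DefRight=pg_NumRows($Res);
    echo_debug ("PrivJrn = $PrivJrn DefRight $DefRight");

    // No default right at all: the user has no access to the folder.
    if ( $DefRight == 0 ) return 0;
    $Def=pg_fetch_array($Res,0);

    // Default right NO: the user has no access to the folder.
    if ( $Def['priv_priv'] == "NO" ) return 0;

    if ( $Def['priv_priv'] == "W" ) {
        // Default right is write.
        if ( $PrivJrn == 0 ) {
            // No specific right on the journal => default right applies.
            return 2;
        }
        $Priv=pg_fetch_array($Res2,0);

        if ( $Priv['uj_priv'] == "X" ) return 0;
        if ( $Priv['uj_priv'] == "R" ) return 1;
        if ( $Priv['uj_priv'] == "W" ) return 2;
        echo '<H2 class="error"> Undefined right</H2>';
        echo_debug ("Droit Journal $Priv[uj_priv]");
        return 0;
    }

    if ( $Def['priv_priv'] == "R" ) {
        // Default right is read.
        if ( $PrivJrn == 0 ) {
            // No specific right on the journal => default right applies.
            return 1;
        }
        $Priv=pg_fetch_array($Res2,0);

        if ( $Priv['uj_priv'] == "X" ) return 0;
        if ( $Priv['uj_priv'] == "R" ) return 1;
        if ( $Priv['uj_priv'] == "W" ) return 2;
        echo_debug ("Droit Journal $Priv[uj_priv]");
        echo '<H2 class="error"> Undefined right</H2>';
        return 0;
    }

    // Any other default value is treated as no access.
    echo '<H2 class="error"> Undefined default right</H2>';
    return 0;
}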
|